AI SEO Optimizer

Security checks across malware telemetry and agentic risk

Overview

This skill is unlikely to compromise a device, but it presents simulated SEO data as real business analytics.

Review before installing for production or business reporting. Treat outputs as demo-quality or synthetic unless the publisher clearly labels simulated data, connects to trustworthy SEO data sources, and documents privacy, retention, and any third-party processing for submitted URLs, domains, keywords, and content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Intent-Code Divergence

Severity: Medium
Confidence: 93%
Finding
The method claims to obtain keyword ranking data but actually returns fabricated random values. This can mislead downstream users, reports, or automated decisions into treating fake analytics as real business intelligence, causing incorrect operational or financial actions. In a ranking-tracker skill, deceptive simulated output is more dangerous because users are likely to rely on the results as if they reflect external reality.

Intent-Code Divergence

Severity: Medium
Confidence: 92%
Finding
The module is documented and structured as a web/SEO search component, but `_performSearch` returns fabricated mock data rather than real search results. In a security-sensitive agent context, this can mislead downstream automation, cause incorrect decisions, and hide the fact that no external retrieval occurred, which is a form of integrity failure.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The README advertises features that likely transmit URLs, page content, keywords, and domain data to external services, but it does not clearly disclose that user-supplied data may leave the local environment. This creates a meaningful privacy and data-handling risk because users may submit sensitive draft content, internal URLs, or proprietary SEO strategy data without informed consent.

Vague Triggers

Severity: Medium
Confidence: 80%
Finding
The trigger phrase for generating SEO reports is broad enough that normal conversation could unintentionally invoke the skill without clear user intent or required inputs. In a skill that can analyze URLs and generate reports, accidental activation can lead to unintended processing of user-supplied sites or content and confusing behavior.

Vague Triggers

Severity: Low
Confidence: 84%
Finding
The ranking-report trigger lacks clear scope, target, and input requirements, so the system may generate a report using incomplete assumptions or the wrong domain/keyword set. This primarily creates integrity and privacy concerns by causing unintended analysis or misleading output rather than direct system compromise.

Vague Triggers

Severity: Medium
Confidence: 82%
Finding
A generic internal-link optimization trigger can be activated from vague requests and may prompt the skill to make assumptions about which site or content should be analyzed. Because this behavior concerns website structure and URL analysis, unintended activation could expose user data, produce unwanted recommendations, or operate on the wrong target.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The skill invites URL-based analysis and ranking tracking but does not warn users about what data may be collected, fetched, stored, or inferred from those actions. In SEO tooling, this can create privacy, consent, and transparency issues, especially when competitor tracking or external site analysis is involved.

VirusTotal

64/64 vendors flagged this skill as clean.